1c9cf5e690d1e46d914742407271d2b25a484eae6f060b33f2d62f9ae0620c4d

Analysis

max time kernel
6s
max time network
1s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
17-07-2024 07:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

builded.exe
Size

14.4MB
MD5

98a6877bae1da318f3b3d81b390cf3d3
SHA1

100d9a8829395281933af8fe5dca525395326f77
SHA256

1c9cf5e690d1e46d914742407271d2b25a484eae6f060b33f2d62f9ae0620c4d
SHA512

89c20d70a8d2f59100885f115283c0a6917f5ee94cbc4a2c0e84181c5f1c22f686095546705876757a86cbb1c2966161270e1c4035bb0397ce6f59cf61b4a3c3
SSDEEP

393216:HEkwAchDIq1+TtIiFg0VBbEwv56bjE46:HI9sq1QtI6NN5UEV

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 7 IoCs

pid	Process
2456	builded.exe
2456	builded.exe
2456	builded.exe
2456	builded.exe
2456	builded.exe
2456	builded.exe
2456	builded.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3020 wrote to memory of 2456	3020	builded.exe	30
PID 3020 wrote to memory of 2456	3020	builded.exe	30
PID 3020 wrote to memory of 2456	3020	builded.exe	30

C:\Users\Admin\AppData\Local\Temp\builded.exe
"C:\Users\Admin\AppData\Local\Temp\builded.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3020
- C:\Users\Admin\AppData\Local\Temp\builded.exe
  "C:\Users\Admin\AppData\Local\Temp\builded.exe"
  2⤵
  - Loads dropped DLL
  PID:2456

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI30202\api-ms-win-core-file-l1-2-0.dll

Filesize
13KB

MD5
6b7d6ea75b923de520bc15140db7f2ff

SHA1
892670e88aec25bb53699cbdb91fdf29c80c2edd

SHA256
71eaefaf3cfbfd9f980ceae3917b99ce67523616ec143b809e804af095e20b2a

SHA512
e093f99e486f1f5d872986417eec47178054cd4f1d0aade2197a1c7a3f239f94dde559e60011b5cf70a552dde2b5e0ee402d62bf55b42ad085117665f74f9e89

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI30202\api-ms-win-core-file-l2-1-0.dll

Filesize
13KB

MD5
18c310a4bfba189cded41dbfaa58ef7f

SHA1
04b9736a7940eb2939087ac5c8592580dc103bfc

SHA256
9af685250d374344bea1ed5b8aaaab43d363032ecf23432a75e740d2d0e808cf

SHA512
19e2214b37a88eaf3b7a4b3b3be64606c02bac38102232404a2a9937136af130d4526712f0e7431df4967e6d7882ed67794db9f1c4fe9d048256966baefa028a

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI30202\api-ms-win-core-localization-l1-2-0.dll

Filesize
15KB

MD5
abe52a0841eecde685f8e44fb734acf4

SHA1
1bff048283e4db9e62d5524e38271a0069a2a7b7

SHA256
0375432585ae22ba75af6c33c6af66f3b060de16cdeb1b7f555236aafe53690f

SHA512
feacfdf57d5c812d71509a304df49167d8eeae454e30b5386b3a9c64b2855ec3d4461e79f4c91dde29ff6ee7c3d53c1d5f50da0e8105f47485cd6b16d44612de

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI30202\api-ms-win-core-processthreads-l1-1-1.dll

Filesize
13KB

MD5
2208c5a8b9acf49dde9c2f4429f28ec5

SHA1
ce69f9db45b2383382daf7ca4e6ddab18f17e370

SHA256
ab8f610d67d6c94af1d0a6f048792b1efa1bb034f1ee08f190a56bdf18e7d178

SHA512
b8c603b783f6dcc0f35288fa74648b9b6c26f3af5408c9b2ecc1990bd7dd80bc47df9993297bed8db9ea318598680298fcca4c262607835149f69555ffa44187

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI30202\api-ms-win-core-timezone-l1-1-0.dll

Filesize
13KB

MD5
4e2b4db8b4f414c32ceaa47e2e7da497

SHA1
520904f4d4abf82e995055dfb2b8b40be5f272ef

SHA256
19ad32585553e8b0e5856ef48dadb6bf03a16bf15ba1e3ef16889126f0c7eb61

SHA512
a14e5411d24f3eb190af4e6d665f63f515039f43d5bb667ae7f95c575ac699c19e58d59825361ce1542d2d57ea1668e76f21f06ec9a1b9dcb409f07b729ebe71

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI30202\python312.dll

Filesize
6.6MB

MD5
d521654d889666a0bc753320f071ef60

SHA1
5fd9b90c5d0527e53c199f94bad540c1e0985db6

SHA256
21700f0bad5769a1b61ea408dc0a140ffd0a356a774c6eb0cc70e574b929d2e2

SHA512
7a726835423a36de80fb29ef65dfe7150bd1567cac6f3569e24d9fe091496c807556d0150456429a3d1a6fd2ed0b8ae3128ea3b8674c97f42ce7c897719d2cd3

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI30202\ucrtbase.dll

Filesize
987KB

MD5
ddb7c0d0a5b17040fb92250113ab99af

SHA1
e75626ff72d50299c2805c2ef2e062f6bf290922

SHA256
94b5cb5761b7e4e435b188365959431c8b5a2d3e7075659766b1c459175cc0f0

SHA512
3fc4ddb0f8233dec10ed5b3109e2b6623a5648649b3d1b4aeb88f9b6339ed43820e2477bdb55b5e090d76e8f4caeee64897a63b2d252141044ead39532770900

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads